28 October 2015

DISA looks to DARPA for 'quantum leap' in cybersecurity

The Defense Department's primary IT organization is partnering with its advanced research arm in a partnership aimed at accelerating military technology into the future.

The Defense Information Systems Agency and the Defense Advanced Research Projects Agency recently agreed to a partnership that would fast-track deployment-ready cyber technologies from DARPA to troops and other DISA users. The memorandum of understanding focuses on cybersecurity and DARPA's information innovation office, or I2O, according to DISA CTO Dave Mihelcic.

"We've had an off-again, on-again relationship with DARPA over the past 20 years or so. And it's very much on again, and in particular we're looking at how to leverage cybersecurity from DARPA's programs," particularly I2O, Mihelcic said. "What we're trying to do is assess their programs for mature pieces of technology that we can adopt into DISA programs as well as provide them with requirements to drive them in directions in the future."

The strategic partnership is a balance because DISA needs commercial-off-the-shelf or open-source technologies that can be easily taken and applied to programs and capability gaps. However, DARPA often works with prototypical technologies, rather than solutions that are ready to go right out of the box, Mihelcic said.

"We really want finished, supported products, so our goal in working with DARPA is to help guide their technologies to be inserted in either commercial products or other open-source products so that we can then adopt them and pay for support," he said. "I don't want to have to turn into a cyber software development shop – really what I want to be able to do is to buy or steal. And if you look at what we're doing with some of our mainstream cyber portfolio elements, you'll see something similar there."

The partnership works by officials from the two agencies sitting down and matching needs, then generating agreements to evaluate technologies and methods for transitioning them to DISA or commercial products.

"That really is nirvana for me," Mihelcic said. "It's so valuable that [the agencies' leaders are meeting] to ensure that they have a strategic partnership to help industry deliver the products that are a quantum leap more secure than products that we have today. I think [DISA Director LTG Alan Lynn's] vision on that is very similar to mine. He wants to basically have industry provided to the products that are much more secure than they are today that we can easily integrate in our DoD concepts of operations, as opposed to having do significant developments."